Data leak
Finastra SFTP Banking Software Data Breach
Primary Source βIncident Details
Finastra (London-based fintech serving 45 of the world’s top 50 banks and 8,100+ financial institutions in 130 countries) had its SFTP platform accessed between 31 October and 8 November 2024. Threat actor ‘abyss0’ claimed 400 GB of compressed data on BreachForums. The SFTP was used to share files with bank customers, raising concerns about sensitive financial institution data. No malware was deployed; customer files were not altered. Finastra only began customer notifications on 12 February 2025.
Technical Details
- Initial Attack Vector
- Threat actor used compromised credentials to access Finastra's Secure File Transfer Platform (IBM Aspera SFTP); no malware deployed β data-only theft via stolen credentials
- Vendor / Product
- IBM Aspera (SFTP/managed file transfer)
Timeline
- 2024-10-31 Breach occurred
- 2024-11-08 Publicly disclosed
- 2025-02-12 Customers notified